william/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1111 commits 8 branches 0 tags 5.1 MiB
Commit graph

1111 commits

This branch
This branch
All branches
Author SHA1 Message Date
William
97b0b01a48 flake.lock: Update 
Flake lock file updates:

• Updated input 'nix-ai-tools':
    'github:numtide/nix-ai-tools/053759f30ef14cbd87c0a1a1d3e7c729ca0db83f?narHash=sha256-VPcX5z0A58pcbRb3I42fBig3zTPm9a71iwrfgkte2J4%3D' (2025-12-14)
  → 'github:numtide/llm-agents.nix/9ee377d02d7e50e2903d9c7fa53138aebd9ae944?narHash=sha256-yrECdmBoMhUAA8FqUJ1LbtDjuwn%2B38OkFgRrwbEq/DU%3D' (2025-12-16)
• Updated input 'nix-ai-tools/nixpkgs':
    'github:NixOS/nixpkgs/23735a82a828372c4ef92c660864e82fbe2f5fbe?narHash=sha256-yqHBL2wYGwjGL2GUF2w3tofWl8qO9tZEuI4wSqbCrtE%3D' (2025-12-13)
  → 'github:NixOS/nixpkgs/09b8fda8959d761445f12b55f380d90375a1d6bb?narHash=sha256-aq%2BdQoaPONOSjtFIBnAXseDm9TUhIbe215TPmkfMYww%3D' (2025-12-15)
 2025-12-16 08:09:57 -03:00
William
106198878c virtualisation usb passthrough 2025-12-16 07:14:29 -03:00
William
7a0353280e flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/9ba0d85de3eaa7afeab493fed622008b6e4924f5?narHash=sha256-lsNWuj4Z%2BpE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94%3D' (2025-10-28)
  → 'github:ryantm/agenix/fcdea223397448d35d9b31f798479227e80183f6?narHash=sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L%2BVSybPfiIgzU8lbQ%3D' (2025-11-08)
• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/125ae9e3ecf62fb2c0fd4f2d894eb971f1ecaed2?narHash=sha256-N9gBKUmjwRKPxAafXEk1EGadfk2qDZPBQp4vXWPHINQ%3D' (2025-09-01)
  → 'github:serokell/deploy-rs/9c870f63e28ec1e83305f7f6cb73c941e699f74f?narHash=sha256-9I2H9x5We6Pl%2BDBYHjR1s3UT8wgwcpAH03kn9CqtdQc%3D' (2025-11-04)
• Updated input 'disko':
    'github:nix-community/disko/6f4cf5abbe318e4cd1e879506f6eeafd83f7b998?narHash=sha256-XOpKBp6HLzzMCbzW50TEuXN35zN5WGQREC7n34DcNMM%3D' (2025-10-31)
  → 'github:nix-community/disko/be1a6b8a05afdd5d5fa69fcaf3c4ead7014c9fd8?narHash=sha256-MjrytR2kiHYUnzX11cXaD31tS7kKdhM1KFaac0%2BKAig%3D' (2025-12-14)
• Updated input 'disko/nixpkgs':
    'github:NixOS/nixpkgs/dab3a6e781554f965bde3def0aa2fda4eb8f1708?narHash=sha256-lFNVsu/mHLq3q11MuGkMhUUoSXEdQjCHvpReaGP1S2k%3D' (2025-07-15)
  → 'github:NixOS/nixpkgs/a8d610af3f1a5fb71e23e08434d8d61a466fc942?narHash=sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r%2BJerayK/4wvdWA%3D' (2025-11-20)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/0010412d62a25d959151790968765a70c436598b?narHash=sha256-z5PlZ47j50VNF3R%2BIMS9LmzI5fYRGY/Z5O5tol1c9I4%3D' (2025-11-01)
  → 'github:hercules-ci/flake-parts/5635c32d666a59ec9a55cab87e898889869f7b71?narHash=sha256-MhA7wmo/7uogLxiewwRRmIax70g6q1U/YemqTGoFHlM%3D' (2025-12-11)
• Updated input 'home-manager':
    'github:nix-community/home-manager/8c824254b1ed9e797f6235fc3c62f365893c561a?narHash=sha256-I%2B8yE5HVR2SFcHnW0771psQ/zn0qVzsKHY/gUM0nEVM%3D' (2025-11-03)
  → 'github:nix-community/home-manager/58bf3ecb2d0bba7bdf363fc8a6c4d49b4d509d03?narHash=sha256-yeCxFV/905Wr91yKt5zrVvK6O2CVXWRMSrxqlAZnLp0%3D' (2025-12-14)
• Updated input 'niri-flake':
    'github:sodiboo/niri-flake/df17789929ac80f4157b15724450db6a303a6dc9?narHash=sha256-U3SDbk7tIwLChpvb3FL66o8V0byaQ2RGMiy/3oLdxTI%3D' (2025-11-03)
  → 'github:sodiboo/niri-flake/ded1462ebc03ed723f0f9f5514e72469da687817?narHash=sha256-P9kQIIPSCqmKyHD/9wFZ4ezlqofnAzYBmolSF1f5xog%3D' (2025-12-14)
• Updated input 'niri-flake/niri-unstable':
    'github:YaLTeR/niri/a2ca2b3c866bc781b12c334a9f949b3db6d7c943?narHash=sha256-anRlNG6t7esBbF1%2BALDeathVBSclA0PEL52Vo0WnN5g%3D' (2025-11-03)
  → 'github:YaLTeR/niri/7c0898570ca5bd3f10fbf4cf2f8a00edc48d787b?narHash=sha256-Erk%2BypR8N%2BrCvjMdUB1N/v4jtm4QRH9k7r/9zh2HyC8%3D' (2025-12-14)
• Updated input 'niri-flake/nixpkgs':
    'github:NixOS/nixpkgs/2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15?narHash=sha256-kJ8lIZsiPOmbkJypG%2BB5sReDXSD1KGu2VEPNqhRa/ew%3D' (2025-10-31)
  → 'github:NixOS/nixpkgs/2fbfb1d73d239d2402a8fe03963e37aab15abe8b?narHash=sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0%3D' (2025-12-11)
• Updated input 'niri-flake/nixpkgs-stable':
    'github:NixOS/nixpkgs/3de8f8d73e35724bf9abef41f1bdbedda1e14a31?narHash=sha256-IYlYnp4O4dzEpL77BD/lj5NnJy2J8qbHkNSFiPBCbqo%3D' (2025-11-01)
  → 'github:NixOS/nixpkgs/28bb483c11a1214a73f9fd2d9928a6e2ea86ec71?narHash=sha256-9Wx53UK0z8Di5iesJID0tS1dRKwGxI4i7tsSanOHhF0%3D' (2025-12-13)
• Updated input 'niri-flake/xwayland-satellite-unstable':
    'github:Supreeeme/xwayland-satellite/0728d59ff6463a502e001fb090f6eb92dbc04756?narHash=sha256-fBrUszJXmB4MY%2Bwf3QsCnqWHcz7u7fLq0QMAWCltIQg%3D' (2025-10-28)
  → 'github:Supreeeme/xwayland-satellite/f0ad674b7009a6afd80cea59d4fbf975dd68ee95?narHash=sha256-HtTPbV6z6AJPg2d0bHaJKFrnNha%2BSEbHvbJafKAQ614%3D' (2025-12-10)
• Updated input 'nix-ai-tools':
    'github:numtide/nix-ai-tools/a2dfa932ed37e5b6224b39b4982c85cd8ebcca14?narHash=sha256-n6bChFrCf2/uHzTsZdABUt1%2BUa3n0jinNfamHd5DmBA%3D' (2025-11-17)
  → 'github:numtide/nix-ai-tools/053759f30ef14cbd87c0a1a1d3e7c729ca0db83f?narHash=sha256-VPcX5z0A58pcbRb3I42fBig3zTPm9a71iwrfgkte2J4%3D' (2025-12-14)
• Updated input 'nix-ai-tools/nixpkgs':
    'github:NixOS/nixpkgs/85a6c4a07faa12aaccd81b36ba9bfc2bec974fa1?narHash=sha256-3YJkOBrFpmcusnh7i8GXXEyh7qZG/8F5z5%2B717550Hk%3D' (2025-11-16)
  → 'github:NixOS/nixpkgs/23735a82a828372c4ef92c660864e82fbe2f5fbe?narHash=sha256-yqHBL2wYGwjGL2GUF2w3tofWl8qO9tZEuI4wSqbCrtE%3D' (2025-12-13)
• Updated input 'nix-index-database':
    'github:nix-community/nix-index-database/359ff6333a7b0b60819d4c20ed05a3a1f726771f?narHash=sha256-Pu1v3mlFhRzZiSxVHb2/i/f5yeYyRNqr0RvEUJ4UgHo%3D' (2025-11-02)
  → 'github:nix-community/nix-index-database/82befcf7dc77c909b0f2a09f5da910ec95c5b78f?narHash=sha256-d3NBA9zEtBu2JFMnTBqWj7Tmi7R5OikoU2ycrdhQEws%3D' (2025-12-09)
• Updated input 'nixos-cli':
    'github:nix-community/nixos-cli/5c259f72ae1eaa00b99354d81130d8fddb7f9a7a?narHash=sha256-IUm2nkbKlDkG94ruTmIYLERpBn6gXydm3scZIKzpcKs%3D' (2025-11-01)
  → 'github:nix-community/nixos-cli/a2019789319c1678be8dc68ecf34c83f948e7475?narHash=sha256-ToKVLDYAzKyStJgCA7W%2BRZObvwABK9fQ8i1wLUUOdLM%3D' (2025-12-11)
• Added input 'nixos-cli/flake-parts':
    'github:hercules-ci/flake-parts/2cccadc7357c0ba201788ae99c4dfa90728ef5e0?narHash=sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q%3D' (2025-11-21)
• Added input 'nixos-cli/flake-parts/nixpkgs-lib':
    'github:nix-community/nixpkgs.lib/719359f4562934ae99f5443f20aa06c2ffff91fc?narHash=sha256-b0yj6kfvO8ApcSE%2BQmA6mUfu8IYG6/uU28OFn4PaC8M%3D' (2025-10-29)
• Updated input 'nixos-cli/nixpkgs':
    'github:NixOS/nixpkgs/a7fc11be66bdfb5cdde611ee5ce381c183da8386?narHash=sha256-QoJjGd4NstnyOG4mm4KXF%2BweBzA2AH/7gn1Pmpfcb0A%3D' (2025-10-31)
  → 'github:NixOS/nixpkgs/23258e03aaa49b3a68597e3e50eb0cbce7e42e9d?narHash=sha256-nA5ywiGKl76atrbdZ5Aucd8SjF/v8ew9b9QsC%2BMKL14%3D' (2025-11-30)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15?narHash=sha256-kJ8lIZsiPOmbkJypG%2BB5sReDXSD1KGu2VEPNqhRa/ew%3D' (2025-10-31)
  → 'github:nixos/nixpkgs/2fbfb1d73d239d2402a8fe03963e37aab15abe8b?narHash=sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0%3D' (2025-12-11)
• Updated input 'nixpkgs-stable':
    'github:nixos/nixpkgs/3de8f8d73e35724bf9abef41f1bdbedda1e14a31?narHash=sha256-IYlYnp4O4dzEpL77BD/lj5NnJy2J8qbHkNSFiPBCbqo%3D' (2025-11-01)
  → 'github:nixos/nixpkgs/28bb483c11a1214a73f9fd2d9928a6e2ea86ec71?narHash=sha256-9Wx53UK0z8Di5iesJID0tS1dRKwGxI4i7tsSanOHhF0%3D' (2025-12-13)
• Updated input 'noctalia':
    'github:noctalia-dev/noctalia-shell/5ca5aa602f58a8e0e73fedbef351f1cdf8cbe981?narHash=sha256-gHfzrTDSnNC5yRJwkZfP55fPHUc8DuB4OQEIBSQSs18%3D' (2025-11-03)
  → 'github:noctalia-dev/noctalia-shell/04852ccdc10ab7e289a4bd6f5987972196744e9d?narHash=sha256-4CUoczVKiEEGCVl4qw3jo9YRCpX6d53hw0KMptdaFCQ%3D' (2025-12-14)
• Removed input 'noctalia/quickshell'
• Removed input 'noctalia/quickshell/nixpkgs'
• Removed input 'noctalia/systems'
• Updated input 'stylix':
    'github:danth/stylix/8c0640d5722a02178c8ee80a62c5f019cab4b3c1?narHash=sha256-wGiL2K3kAyBBmIZpJEskaSIgyzzpg0zwfvri%2BSy6/CI%3D' (2025-11-02)
  → 'github:danth/stylix/dd14de4432a94e93e10d0159f1d411487e435e1e?narHash=sha256-sDG%2Bc73xEnIw1pFNRWffKDnTWiTuyZiEP%2BIub0D3mWA%3D' (2025-12-11)
• Updated input 'stylix/base16-helix':
    'github:tinted-theming/base16-helix/27cf1e66e50abc622fb76a3019012dc07c678fac?narHash=sha256-0CQM%2BFkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM%3D' (2025-07-20)
  → 'github:tinted-theming/base16-helix/d646af9b7d14bff08824538164af99d0c521b185?narHash=sha256-m82fGUYns4uHd%2BZTdoLX2vlHikzwzdu2s2rYM2bNwzw%3D' (2025-10-17)
• Updated input 'stylix/firefox-gnome-theme':
    'github:rafaelmardojai/firefox-gnome-theme/0909cfe4a2af8d358ad13b20246a350e14c2473d?narHash=sha256-lizRM2pj6PHrR25yimjyFn04OS4wcdbc38DCdBVa2rk%3D' (2025-09-17)
  → 'github:rafaelmardojai/firefox-gnome-theme/66b7c635763d8e6eb86bd766de5a1e1fbfcc1047?narHash=sha256-OkFLrD3pFR952TrjQi1%2BVdj604KLcMnkpa7lkW7XskI%3D' (2025-12-03)
• Updated input 'stylix/flake-parts':
    'github:hercules-ci/flake-parts/4524271976b625a4a605beefd893f270620fd751?narHash=sha256-%2BuWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw%3D' (2025-09-01)
  → 'github:hercules-ci/flake-parts/2cccadc7357c0ba201788ae99c4dfa90728ef5e0?narHash=sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q%3D' (2025-11-21)
• Updated input 'stylix/gnome-shell':
    'github:GNOME/gnome-shell/8c88f917db0f1f0d80fa55206c863d3746fa18d0?narHash=sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0%3D' (2025-05-25)
  → 'gitlab:GNOME/gnome-shell/c0e1ad9f0f703fd0519033b8f46c3267aab51a22?host=gitlab.gnome.org&narHash=sha256-bTmNn3Q4tMQ0J/P0O5BfTQwqEnCiQIzOGef9/aqAZvk%3D' (2025-11-30)
• Updated input 'stylix/nixpkgs':
    'github:NixOS/nixpkgs/e643668fd71b949c53f8626614b21ff71a07379d?narHash=sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o%3D' (2025-09-24)
  → 'github:NixOS/nixpkgs/2d293cbfa5a793b4c50d17c05ef9e385b90edf6c?narHash=sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4%3D' (2025-11-30)
• Updated input 'stylix/nur':
    'github:nix-community/NUR/ba8d9c98f5f4630bcb0e815ab456afd90c930728?narHash=sha256-VLx0z396gDCGSiowLMFz5XRO/XuNV%2B4EnDYjdJhHvUk%3D' (2025-09-27)
  → 'github:nix-community/NUR/1d9616689e98beded059ad0384b9951e967a17fa?narHash=sha256-mCBl7MD1WZ7yCG6bR9MmpPO2VydpNkWFgnslJRIT1YU%3D' (2025-12-03)
• Updated input 'stylix/tinted-schemes':
    'github:tinted-theming/schemes/317a5e10c35825a6c905d912e480dfe8e71c7559?narHash=sha256-d4km8W7w2zCUEmPAPUoLk1NlYrGODuVa3P7St%2BUrqkM%3D' (2025-09-12)
  → 'github:tinted-theming/schemes/0f6be815d258e435c9b137befe5ef4ff24bea32c?narHash=sha256-Hju0WtMf3iForxtOwXqGp3Ynipo0EYx1AqMKLPp9BJw%3D' (2025-11-23)
• Updated input 'stylix/tinted-tmux':
    'github:tinted-theming/tinted-tmux/d217ba31c846006e9e0ae70775b0ee0f00aa6b1e?narHash=sha256-n5ZJgmzGZXOD9pZdAl1OnBu3PIqD%2BX3vEBUGbTi4JiI%3D' (2025-09-14)
  → 'github:tinted-theming/tinted-tmux/edf89a780e239263cc691a987721f786ddc4f6aa?narHash=sha256-lbSVPqLEk2SqMrnpvWuKYGCaAlfWFMA6MVmcOFJjdjE%3D' (2025-11-30)
• Updated input 'stylix/tinted-zed':
    'github:tinted-theming/base16-zed/824fe0aacf82b3c26690d14e8d2cedd56e18404e?narHash=sha256-4EFOUyLj85NRL3OacHoLGEo0wjiRJzfsXtR4CZWAn6w%3D' (2025-09-14)
  → 'github:tinted-theming/base16-zed/907dbba5fb8cf69ebfd90b00813418a412d0a29a?narHash=sha256-rCD/pAhkMdCx6blsFwxIyvBJbPZZ1oL2sVFrH07lmqg%3D' (2025-11-30)
• Updated input 'terranix':
    'github:terranix/terranix/a79a47b4617dfb92184e2e5b8f5aa6fc06c659c8?narHash=sha256-J1L1yP29NVBJO04LA/JGM6kwhnjeNhEsX0tLFnuN3FI%3D' (2025-11-03)
  → 'github:terranix/terranix/3b5947a48da5694094b301a3b1ef7b22ec8b19fc?narHash=sha256-iVS4sxVgGn%2BT74rGJjEJbzx%2BkjsuaP3wdQVXBNJ79A0%3D' (2025-11-06)
• Updated input 'vicinae':
    'github:vicinaehq/vicinae/54722e36137d8273ef0a5db37776fb8302c79238?narHash=sha256-8BoGGsWfkS/2ODBSCYd5HJNFGuLY8fFl27rXmWClXQw%3D' (2025-11-09)
  → 'github:vicinaehq/vicinae/32cf6b1f82e007cddba9c9ae037eff670219cd55?narHash=sha256-etv2HJA9OWvTkjnrjaNSqvebu9gWLIGPYb9PWr4qkfM%3D' (2025-12-09)
• Removed input 'vicinae/flake-utils'
• Removed input 'vicinae/flake-utils/systems'
• Added input 'vicinae/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e?narHash=sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768%3D' (2023-04-09)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/10e69cb268b1d3dc91135e72f5462b2acfbcc3aa?narHash=sha256-sIPhzkDrfe6ptthZiwoxQyO6rKd9PgJnl%2BLOyythQkI%3D' (2025-11-03)
  → 'github:0xc000022070/zen-browser-flake/463d3f091ad2b0ba2a4982f4181d22e452b2659d?narHash=sha256-rAWVEEbfWZKTaiqBA/ogkeHvbzlkDHZjZPHbjWUnpw8%3D' (2025-12-14)
• Updated input 'zen-browser/home-manager':
    'github:nix-community/home-manager/e8c19a3cec2814c754f031ab3ae7316b64da085b?narHash=sha256-S%2BwmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR%2Bkw%3D' (2025-07-15)
  → 'github:nix-community/home-manager/827f2a23373a774a8805f84ca5344654c31f354b?narHash=sha256-RYHN8O/Aja59XDji6WSJZPkJpYVUfpSkyH%2BPEupBJqM%3D' (2025-11-12)
• Updated input 'zen-browser/nixpkgs':
    'github:nixos/nixpkgs/20075955deac2583bb12f07151c2df830ef346b4?narHash=sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs%2BStOp19xNsbqdOg%3D' (2025-08-19)
  → 'github:nixos/nixpkgs/c5ae371f1a6a7fd27823bc500d9390b38c05fa55?narHash=sha256-4PqRErxfe%2B2toFJFgcRKZ0UI9NSIOJa%2B7RXVtBhy4KE%3D' (2025-11-12)
 2025-12-14 11:02:15 -03:00
William
dc618a8d28 update nixpkgs-stable to 25.11 2025-12-14 11:01:03 -03:00
William
52169c319c collabora is now the online office suite 2025-11-30 09:59:31 -03:00
William
fdf14765fd cleaner shared services file 2025-11-30 09:47:05 -03:00
William
b80fe6604e add collabora office flatpak 2025-11-30 09:47:05 -03:00
William
53bce23a05 allow vm interface in firewall 2025-11-27 19:16:59 -03:00
William
1dc55be5e1 flake.lock: Update 
Flake lock file updates:

• Updated input 'nix-ai-tools':
    'github:numtide/nix-ai-tools/58d5d222d6802a75c1ed637d049ea438d199051a?narHash=sha256-pQ2XzsB/n8E5FWYnICZu/BzkKy8a50EzmUGTCo5SeHg%3D' (2025-11-13)
  → 'github:numtide/nix-ai-tools/a2dfa932ed37e5b6224b39b4982c85cd8ebcca14?narHash=sha256-n6bChFrCf2/uHzTsZdABUt1%2BUa3n0jinNfamHd5DmBA%3D' (2025-11-17)
• Updated input 'nix-ai-tools/blueprint':
    'github:numtide/blueprint/633af1961cae8e02bc6195e6e599a6b09bf75217?narHash=sha256-wTQzbbQ6XHtvNJVuhJj%2BytZDRyNtwUKbrIfIvMvKNfQ%3D' (2025-10-28)
  → 'github:numtide/blueprint/5a9bba070f801d63e2af3c9ef00b86b212429f4f?narHash=sha256-O9Y%2BWer8wOh%2BN%2B4kcCK5p/VLrXyX%2Bktk0/s3HdZvJzk%3D' (2025-11-16)
• Updated input 'nix-ai-tools/nixpkgs':
    'github:NixOS/nixpkgs/9da7f1cf7f8a6e2a7cb3001b048546c92a8258b4?narHash=sha256-SlybxLZ1/e4T2lb1czEtWVzDCVSTvk9WLwGhmxFmBxI%3D' (2025-11-11)
  → 'github:NixOS/nixpkgs/85a6c4a07faa12aaccd81b36ba9bfc2bec974fa1?narHash=sha256-3YJkOBrFpmcusnh7i8GXXEyh7qZG/8F5z5%2B717550Hk%3D' (2025-11-16)
 2025-11-18 19:09:57 -03:00
William
eebacb0f1f add power profiles daemon to io 2025-11-13 19:16:39 -03:00
William
0925a66f22 flake.lock: Update 
Flake lock file updates:

• Updated input 'nix-ai-tools':
    'github:numtide/nix-ai-tools/aaee8f2df1325c7f212d769515092162bcac31a7?narHash=sha256-aWt5CgOsQiiq%2BcaxF0iqp56kfHRkv8Tnz0X9DhJeBEE%3D' (2025-11-06)
  → 'github:numtide/nix-ai-tools/58d5d222d6802a75c1ed637d049ea438d199051a?narHash=sha256-pQ2XzsB/n8E5FWYnICZu/BzkKy8a50EzmUGTCo5SeHg%3D' (2025-11-13)
• Updated input 'nix-ai-tools/nixpkgs':
    'github:NixOS/nixpkgs/b3d51a0365f6695e7dd5cdf3e180604530ed33b4?narHash=sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw%3D' (2025-11-02)
  → 'github:NixOS/nixpkgs/9da7f1cf7f8a6e2a7cb3001b048546c92a8258b4?narHash=sha256-SlybxLZ1/e4T2lb1czEtWVzDCVSTvk9WLwGhmxFmBxI%3D' (2025-11-11)
• Updated input 'nix-ai-tools/treefmt-nix':
    'github:numtide/treefmt-nix/97a30861b13c3731a84e09405414398fbf3e109f?narHash=sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g%2BmjR/p5TEg%3D' (2025-11-06)
  → 'github:numtide/treefmt-nix/5b4ee75aeefd1e2d5a1cc43cf6ba65eba75e83e4?narHash=sha256-AlEObg0syDl%2BSpi4LsZIBrjw%2BsnSVU4T8MOeuZJUJjM%3D' (2025-11-12)
 2025-11-13 14:26:35 -03:00
William
489af5a79f new noctalia ipc command 2025-11-10 11:46:54 -03:00
William
e95ba0215b new ssh key for himalia 2025-11-10 11:04:55 -03:00
William
b602a78bb3 vicinae as a launcher 2025-11-10 07:52:47 -03:00
William
bb0ea27696 niri keybinds 2025-11-09 19:01:37 -03:00
William
ae6d46012b fail2ban: fix config; forgejo: repository path and persistency 2025-11-09 18:31:46 -03:00
William
5906fa6f36 fix forgejo's ssh domain 2025-11-09 16:31:52 -03:00
william
5af6c53d81 Update readme.md 2025-11-09 16:28:17 -03:00
William
09a4092b92 better noctalia integration for niri 2025-11-09 13:56:57 -03:00
William
3d71b8c1b8 update readme.md 2025-11-09 13:41:41 -03:00
William
0961eb8f76 dns records only for actual services 2025-11-09 13:37:04 -03:00
William
f979314a3c new readme 2025-11-09 13:31:27 -03:00
William
f1b6be6f3f Add fail2ban configuration for SSH and Forgejo on Trantor 
- Configure fail2ban with progressive ban times (1h base, up to 10000h max)
- Add SSH jail with password authentication disabled
- Add Forgejo jail using systemd journal backend
- Ignore private networks and Tailscale IPs
- Set Forgejo to 10 retries per hour, 15min initial ban

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 13:00:17 -03:00
William
cd17bf2561 only forgejo is public for now 2025-11-09 12:36:43 -03:00
William
ad9d565a8f Route DNS based on service visibility flags 
Replace wildcard DNS with dynamic service-based routing that reads
from shared/services.nix. Public services (forgejo, vaultwarden,
nextcloud) point to trantor's public IP for external access, while
private services (kanidm, jellyfin) point to tailscale IPs for
internal-only access. This provides granular control over service
exposure without manual DNS management.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 11:20:21 -03:00
William
878c4aa3ea Add public visibility flags to service definitions 
Mark services as public or private to control external access:
- Public: vaultwarden, forgejo, nextcloud
- Private: kanidm, jellyfin

This enables proper routing and firewall configuration based on
intended service visibility.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 11:12:06 -03:00
William
6f1aca7b01 Configure Forgejo OAuth2 and disable public registration 
Add OAuth2 client configuration to enable auto-registration via SSO
with Kanidm, while disabling direct public registration. Users can now
authenticate through the identity provider with automatic account
creation and avatar syncing.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 11:11:55 -03:00
William
14c4440dd1 forgejo: disable singup; document root password 2025-11-09 10:34:57 -03:00
William
1921aad1bd Update Cloudflare DNS configuration with explicit zone ID 
Replace sensitive zone_id variable with hardcoded value and update
DNS record configuration to use cloudflare_dns_record resource type.
Disable proxying and set explicit TTL for better control over DNS
propagation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 10:30:02 -03:00
William
1b1d7896e6 Document required environment variables for OCI configuration 
Add documentation about required OCI and AWS credentials for the
trantor configuration, clarifying that ~/.oci/config can be used
as an alternative to environment variables.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 10:29:54 -03:00
William
808bccf0a2 Add Tailscale tailnet DNS configuration via Terranix 
Configure global DNS nameservers for the Tailscale tailnet, setting
trantor as the primary DNS server with Cloudflare as fallback. This
enables custom DNS resolution across the entire tailnet.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 10:29:45 -03:00
William
92f5593611 junction default browser; remove brave 2025-11-09 07:55:42 -03:00
William
095d881ad9 no ghostty notifications 2025-11-09 07:51:15 -03:00
William
258bcac597 Integrate Kanidm with Nextcloud via OIDC 
Added Kanidm identity provider integration with Nextcloud:
- Enabled Kanidm client in kanidm.nix for CLI access
- Added user_oidc app to Nextcloud for OpenID Connect authentication
- Configured allow_local_remote_servers to permit Nextcloud to reach
  Kanidm at auth.baduhai.dev (resolves to local IP 192.168.15.142)

OAuth2 client configuration (done via kanidm CLI):
- Client ID: nextcloud
- Scopes: openid, email, profile mapped to idm_all_accounts group
- Redirect URI: https://cloud.baduhai.dev/apps/user_oidc/code
- User mapping: name claim maps to Nextcloud username

This allows users to authenticate to Nextcloud using their Kanidm
credentials, with existing Nextcloud accounts linked via username.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-08 23:56:40 -03:00
William
58fec03579 Switch ACME to DNS-01 challenge with auto-configured certificates 
Changed certificate generation from HTTP-01 to DNS-01 challenge to support
services behind Tailscale/CGNAT IPs. HTTP-01 challenges fail because Let's
Encrypt cannot reach private Tailscale IPs (100.x.x.x) that Cloudflare DNS
points to.

Changes:
- Pre-configure certificates in security.acme.certs using DNS-01 via Cloudflare
- Auto-generate certificate configs from shared/services.nix
  - Alexandria: filters services with host == "alexandria"
  - Trantor: filters services with host == "trantor"
- Updated mkNginxVHosts to use useACMEHost instead of enableACME
- Each domain gets its own certificate configured with DNS-01 challenge

This ensures all services get valid Let's Encrypt certificates even when
accessible only through Tailscale or private networks.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-08 22:53:18 -03:00
William
952a55f03d Add Kanidm identity provider to alexandria 
Added Kanidm server configuration to serve as central identity provider for
all services. Configuration includes:
- Server on auth.baduhai.dev with HTTPS
- LDAP support on port 636 for legacy integrations
- Nginx reverse proxy with SSL termination
- Added to shared services for DNS resolution

Kanidm will provide OAuth2/OIDC authentication for Nextcloud, Vaultwarden,
Forgejo, and other services.
 2025-11-08 22:24:37 -03:00
William
73db534269 Switch from wildcard to per-domain SSL certificates 
Updated mkNginxVHosts to use per-domain certificates (enableACME) instead
of shared wildcard certificates (useACMEHost). Each service now requests
its own certificate, avoiding conflicts between hosts and following the
principle of least privilege.

Removed wildcard certificate configuration from both alexandria and trantor.
Each host now only obtains certificates for domains it actually serves:
- Alexandria: pass.baduhai.dev, cloud.baduhai.dev, jellyfin.baduhai.dev
- Trantor: git.baduhai.dev
 2025-11-08 21:47:41 -03:00
William
34622a05cb Move forgejo from alexandria to trantor 
Migrated forgejo service and configuration to trantor. Added nginx reverse
proxy support on trantor with ACME configuration for SSL certificates.

Fixed vaultwarden domain in shared services from vault.baduhai.dev to
pass.baduhai.dev to match actual nginx configuration.
 2025-11-08 21:47:16 -03:00
William
ee1a7c4d18 Split DNS servers: alexandria for LAN, trantor for tailnet 
Alexandria's unbound now only serves LAN clients (192.168.0.0/16) and
returns LAN IPs for service domains.

Created new unbound instance on trantor to serve Tailscale clients
(100.64.0.0/10) and return tailscale IPs for service domains.

Both configurations pull service records from shared/services.nix.
 2025-11-08 21:35:53 -03:00
William
8d8847e2fb Remove split DNS module and per-service entries 
Removed the split-dns.nix module and all service-specific splitDNS.entries
configurations. Service DNS records are now sourced from the centralized
shared/services.nix file instead of being declared individually in each
service configuration.
 2025-11-08 21:35:33 -03:00
William
af444584d0 Add shared services infrastructure for cross-host data 
Created centralized service definitions in shared/services.nix to store
service metadata (domains, IPs, ports) that need to be accessible across
multiple hosts. This replaces the per-service split DNS module approach
with a single source of truth.

Services are now exported through utils.nix for easy access in host configs.
 2025-11-08 21:35:13 -03:00
William
2289f0e6e4 beginnings of split dns 2025-11-08 20:47:21 -03:00
William
a1369e5818 rekeyd secrets 2025-11-08 20:46:38 -03:00
William
52eaf14b09 noto emoji font name change; niri window/workspace up/down keybind 2025-11-08 13:02:22 -03:00
William
5baff5a68e added kanshi to manage displays 2025-11-07 12:13:47 -03:00
William
d3ef56c724 add presenterm to desktops 2025-11-07 11:55:27 -03:00
William
45f89a1663 add claude-code back 2025-11-07 07:15:12 -03:00
William
59cda1884d add recipient to oci alert 2025-11-07 06:17:28 -03:00
William
6ec815a766 fix disko usage for io 2025-11-06 19:59:58 -03:00
William
cb59a911d6 added ai tag for desktop hosts 2025-11-06 19:57:04 -03:00